Malicious Software and its Underground Economy: Two Sides to Every Story

About this course

3,079 recent views

Learn about traditional and mobile malware, the security threats they represent, state-of-the-art analysis and detection techniques, and the underground ecosystem that drives such a profitable but illegal business.

Malicious Software and its Underground Economy: Two Sides to Every Story is a short, introductory, and experimental (i.e., pilot) course featuring 6 lectures. Each lecture lasts roughly between 1h and 1.5h and is logically divided into a number of self-contained units of ~15 minutes each. Although a non-negligible effort has been made to keep to this breakdown, some units last definitely longer and require a bit more effort; just pause the video and take a break ;-)
In addition, the course features 6 mandatory multiple-choice quizzes (i.e., 1 per lecture) and 1 bonus quiz. Passing all the mandatory quizzes awards a "pass" mark for the course, while passing all the mandatory quizzes and the bonus one awards a "distinction" mark.

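Shareable certificate

Earn a certificate upon completion.

100% online

Start right away and learn on your own schedule.

Flexible deadlines

Reset deadlines according to your schedule.

Hours to complete

Approx. 14 hours to complete

Available languages

English

Subtitles: English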

Instructor

Offered by

University of London

The University of London is a federal University which includes 18 world leading Colleges. Our distance learning programmes were founded in 1858 and have enriched the lives of thousands of students, delivering high quality University of London degrees wherever our students are across the globe. Our alumni include 7 Nobel Prize winners. Today, we are a global leader in distance and flexible study, offering degree programmes to over 50,000 students in over 180 countries. To find out more about studying for one of our degrees where you are, visit www.london.ac.uk

Syllabus - What you will learn from this course

Week 1

3 hours to complete

Introduction

After reporting on the insights of real-world research on a botnet takeover, students will learn about malicious software, with a particular glimpse at botnets and their detection, to finally conclude briefly with rootkits.

Lecture outline

1. Should we care? A botnet takeover storytelling
2. Admin blabbing
3. Malicious software
4. (a glimpse at) Botnets
5. (a glimpse at) Botnets detection & Rootkits

Week 2

3 hours to complete

Static analysis and its limitations

Students will look at the malware landscape of the early days and the effort and challenges the AV industry faced in fighting malware threats. The lecture covers static analysis as a first technique to analyze and detect malware; (basic) assembly and reverse engineering notions are provided, with a look at basic techniques to fool the state-of-the-art disassembly algorithm, quickly highlighting the limits of static analysis, especially when focused on analyzing malware. A walk-through to reverse engineer an example program concludes the lecture.

Given the complexity of the topic and the fact that the course is a short and introductory class on a vast topic, the aim of the lecture is to provide a broad overview, with a few detailed insights wherever appropriate.

Lecture outline

1. Early days, AV industry
2. (a glimpse at) Reverse engineering (part 1)
3. (a glimpse at) Reverse engineering (part 2)
4. (a glimpse at) Polymorphism, code obfuscation
5. IDA Pro—a very simple example...

Week 3

3 hours to complete

Dynamic analysis and its limitations

While looking at how the malware landscape has been evolving, students will be given an introduction to dynamic analysis, a complementary technique to static analysis to fight malware threats. Packing and algorithmic-agnostic unpacking are introduced as an initial step toward full dynamic analysis. The lecture quickly mentions sandboxes and the limits of dynamic analysis and sandboxes, to finally conclude with a brief overview of a particular state-of-the-art academic research effort on malware protection.

Given the complexity of the topic and the fact that the course is a short and introductory class on a vast topic, the aim of the lecture is to provide a broad overview, with a few detailed insights wherever appropriate.

Lecture outline

1. Toward dynamic analysis
2. (a glimpse at) Dynamic analysis (part 1)
3. (a glimpse at) Dynamic analysis (part 2)
4. (a glimpse at) Limits of dynamic analysis
5. AccessMiner—system-centric models

Week 5

2 hours to complete

Cybercriminal underground economy

After having skimmed through different malware-related threats, week 5 will introduce students to the specialized underground cybercrime that surrounds this malware-driven, profitable but illicit business.

After an initial recap of early evidence of such phenomena, the lecture gives an overview of the pay-per-install and exploit-as-a-service cybercriminal business models. Finally, as most (exploit-as-a-service) attacks nowadays happen because of memory error exploitation, the lecture will provide a succinct overview of the issue, backed up by statistics, to understand whether such a quite dated software vulnerability is still an issue or not (and where research should be focusing).

Lecture outline

1. Introduction
2. Pay-per-Install
3. Exploit-as-a-service
4. Memory errors: the past, the present, and the future

Week 6

2 hours to complete

The cost of cybercrime

This final lecture will introduce students to another aspect of the cybercriminal underground economy; we will first discuss an interesting report that recently outlined one of the biggest online underground economies, followed by a discussion of how big the cost of cybercrime is (not just in terms of revenue for the cybercriminal). The lecture will conclude the course and provide a few final remarks.

Lecture outline

1. China's online underground economy (part 1)
2. China's online underground economy (part 2)
3. The cost of cybercrime (part 1)
4. The cost of cybercrime (part 2)
5. Conclusion and final remarks